OCSP_id_cmp (3)

Leading comments

Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)

Standard preamble:
========================================================================

(The comments found at the beginning of the groff file "man3/OCSP_id_cmp.3ssl".)

NAME

OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions

SYNOPSIS

 #include <openssl/ocsp.h>

 OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
                              X509 *subject, X509 *issuer);

 OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
                               X509_NAME *issuerName,
                               ASN1_BIT_STRING *issuerKey,
                               ASN1_INTEGER *serialNumber);

 void OCSP_CERTID_free(OCSP_CERTID *id);

 int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
 int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);

 int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
                       ASN1_OCTET_STRING **pikeyHash,
                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);

DESCRIPTION

OCSP_cert_to_id() creates and returns a new structure using message digest dgst for certificate subject with issuer issuer. If dgst is then is used.

OCSP_cert_id_new() creates and returns a new

using dgst and issuer name issuerName, issuer key hash issuerKey and serial number serialNumber.

OCSP_CERTID_free() frees up id.

OCSP_id_cmp() compares

a and b.

OCSP_id_issuer_cmp() compares only the issuer name of

a and b.

OCSP_id_get0_info() returns the issuer name hash, hash

issuer key hash and serial number contained in cid. If any of the values are not required the corresponding parameter can be set to .

RETURN VALUES

OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid structure or if an error occurred.

OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.

OCSP_CERTID_free() does not return a value.

OCSP_id_get0_info() returns 1 for success and 0 for failure.

NOTES

clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.

The values returned by OCSP_id_get0_info() are internal pointers and

be freed up by an application: they will be freed when the corresponding structure is freed.

SEE ALSO

crypto(3), OCSP_request_add1_nonce(3), OCSP_REQUEST_new(3), OCSP_response_find_status(3), OCSP_response_status(3), OCSP_sendreq_new(3)

COPYRIGHT

Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file

in the source distribution or at <www.openssl.org/source/license.html>.