1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimOCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, 6e71b7053SJung-uk KimOCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions 7e71b7053SJung-uk Kim 8e71b7053SJung-uk Kim=head1 SYNOPSIS 9e71b7053SJung-uk Kim 10e71b7053SJung-uk Kim #include <openssl/ocsp.h> 11e71b7053SJung-uk Kim 12e71b7053SJung-uk Kim OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, 13e71b7053SJung-uk Kim X509 *subject, X509 *issuer); 14e71b7053SJung-uk Kim 15e71b7053SJung-uk Kim OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, 16e71b7053SJung-uk Kim X509_NAME *issuerName, 17e71b7053SJung-uk Kim ASN1_BIT_STRING *issuerKey, 18e71b7053SJung-uk Kim ASN1_INTEGER *serialNumber); 19e71b7053SJung-uk Kim 20e71b7053SJung-uk Kim void OCSP_CERTID_free(OCSP_CERTID *id); 21e71b7053SJung-uk Kim 22610a21fdSJung-uk Kim int OCSP_id_issuer_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b); 23610a21fdSJung-uk Kim int OCSP_id_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b); 24e71b7053SJung-uk Kim 25e71b7053SJung-uk Kim int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, 26e71b7053SJung-uk Kim ASN1_OCTET_STRING **pikeyHash, 27e71b7053SJung-uk Kim ASN1_INTEGER **pserial, OCSP_CERTID *cid); 28e71b7053SJung-uk Kim 29e71b7053SJung-uk Kim 30e71b7053SJung-uk Kim=head1 DESCRIPTION 31e71b7053SJung-uk Kim 32e71b7053SJung-uk KimOCSP_cert_to_id() creates and returns a new B<OCSP_CERTID> structure using 33e71b7053SJung-uk Kimmessage digest B<dgst> for certificate B<subject> with issuer B<issuer>. If 34e71b7053SJung-uk KimB<dgst> is B<NULL> then SHA1 is used. 35e71b7053SJung-uk Kim 36e71b7053SJung-uk KimOCSP_cert_id_new() creates and returns a new B<OCSP_CERTID> using B<dgst> and 37e71b7053SJung-uk Kimissuer name B<issuerName>, issuer key hash B<issuerKey> and serial number 38e71b7053SJung-uk KimB<serialNumber>. 39e71b7053SJung-uk Kim 40e71b7053SJung-uk KimOCSP_CERTID_free() frees up B<id>. 41*a7148ab3SEnji CooperIf the argument is NULL, nothing is done. 42e71b7053SJung-uk Kim 43e71b7053SJung-uk KimOCSP_id_cmp() compares B<OCSP_CERTID> B<a> and B<b>. 44e71b7053SJung-uk Kim 45e71b7053SJung-uk KimOCSP_id_issuer_cmp() compares only the issuer name of B<OCSP_CERTID> B<a> and B<b>. 46e71b7053SJung-uk Kim 47e71b7053SJung-uk KimOCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and 48e71b7053SJung-uk Kimserial number contained in B<cid>. If any of the values are not required the 49e71b7053SJung-uk Kimcorresponding parameter can be set to B<NULL>. 50e71b7053SJung-uk Kim 51e71b7053SJung-uk Kim=head1 RETURN VALUES 52e71b7053SJung-uk Kim 53e71b7053SJung-uk KimOCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid 54e71b7053SJung-uk KimB<OCSP_CERTID> structure or B<NULL> if an error occurred. 55e71b7053SJung-uk Kim 5658f35182SJung-uk KimOCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and nonzero 57e71b7053SJung-uk Kimotherwise. 58e71b7053SJung-uk Kim 59e71b7053SJung-uk KimOCSP_CERTID_free() does not return a value. 60e71b7053SJung-uk Kim 61e71b7053SJung-uk KimOCSP_id_get0_info() returns 1 for success and 0 for failure. 62e71b7053SJung-uk Kim 63e71b7053SJung-uk Kim=head1 NOTES 64e71b7053SJung-uk Kim 65e71b7053SJung-uk KimOCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): 66e71b7053SJung-uk Kimthe other functions are used by responder applications. 67e71b7053SJung-uk Kim 68e71b7053SJung-uk KimThe values returned by OCSP_id_get0_info() are internal pointers and B<MUST 69e71b7053SJung-uk KimNOT> be freed up by an application: they will be freed when the corresponding 70e71b7053SJung-uk KimB<OCSP_CERTID> structure is freed. 71e71b7053SJung-uk Kim 72e71b7053SJung-uk Kim=head1 SEE ALSO 73e71b7053SJung-uk Kim 74e71b7053SJung-uk KimL<crypto(7)>, 75e71b7053SJung-uk KimL<OCSP_request_add1_nonce(3)>, 76e71b7053SJung-uk KimL<OCSP_REQUEST_new(3)>, 77e71b7053SJung-uk KimL<OCSP_resp_find_status(3)>, 78e71b7053SJung-uk KimL<OCSP_response_status(3)>, 79e71b7053SJung-uk KimL<OCSP_sendreq_new(3)> 80e71b7053SJung-uk Kim 81e71b7053SJung-uk Kim=head1 COPYRIGHT 82e71b7053SJung-uk Kim 83*a7148ab3SEnji CooperCopyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved. 84e71b7053SJung-uk Kim 85b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 86e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 87e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 88e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 89e71b7053SJung-uk Kim 90e71b7053SJung-uk Kim=cut 91