From: tb Date: Sat, 24 Aug 2024 19:31:09 +0000 (+0000) Subject: More precision on what exactly OCSP_id_cmp and OCSP_issuer_id_cmp compare. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=46a2527127dfda51b9a747878391a1a30ed37ced;p=openbsd More precision on what exactly OCSP_id_cmp and OCSP_issuer_id_cmp compare. The existing description was lacking and incorrect, respectively. --- diff --git a/lib/libcrypto/man/OCSP_cert_to_id.3 b/lib/libcrypto/man/OCSP_cert_to_id.3 index 73a21867b9c..e014a1d2622 100644 --- a/lib/libcrypto/man/OCSP_cert_to_id.3 +++ b/lib/libcrypto/man/OCSP_cert_to_id.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: OCSP_cert_to_id.3,v 1.12 2022/03/31 17:27:17 naddy Exp $ +.\" $OpenBSD: OCSP_cert_to_id.3,v 1.13 2024/08/24 19:31:09 tb Exp $ .\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 .\" .\" This file is a derived work. @@ -65,7 +65,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: August 24 2024 $ .Dt OCSP_CERT_TO_ID 3 .Os .Sh NAME @@ -162,19 +162,25 @@ issuer key hash and serial number .Fa serialNumber . .Pp -.Fn OCSP_id_cmp -compares +.Fn OCSP_id_issuer_cmp +compares the hash algorithms, +the hashed issuer distinguished names and +the hashed public keys of .Vt OCSP_CERTID .Fa a and .Fa b . .Pp -.Fn OCSP_id_issuer_cmp -compares only the issuer name of +.Fn OCSP_id_cmp +compares .Vt OCSP_CERTID .Fa a and -.Fa b . +.Fa b +using +.Fn OCSP_id_issuer_cmp +followed by a comparison of the certificate serial numbers with +.Xr ASN1_INTEGER_cmp 3 . .Pp .Fn OCSP_id_get0_info returns the issuer name hash, hash OID, issuer key hash and serial @@ -214,6 +220,7 @@ return 0 for a match or non-zero otherwise. .Fn OCSP_id_get0_info returns 1 for success or 0 for failure. .Sh SEE ALSO +.Xr ASN1_INTEGER_cmp 3 , .Xr EVP_DigestInit 3 , .Xr OCSP_request_add1_nonce 3 , .Xr OCSP_REQUEST_new 3 ,