1 files changed, 0 insertions, 239 deletions
diff --git a/src/lib/libcrypto/man/OCSP_cert_to_id.3 b/src/lib/libcrypto/man/OCSP_cert_to_id.3
deleted file mode 100644
index e014a1d262..0000000000
--- a/src/lib/libcrypto/man/OCSP_cert_to_id.3
+++ /dev/null
@@ -1,239 +0,0 @@
-.\"     $OpenBSD: OCSP_cert_to_id.3,v 1.13 2024/08/24 19:31:09 tb Exp $
-.\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
-.\" Copyright (c) 2014, 2016 The OpenSSL Project.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 24 2024 $
-.Dt OCSP_CERT_TO_ID 3
-.Os
-.Sh NAME
-.Nm OCSP_CERTID_new ,
-.Nm OCSP_CERTID_free ,
-.Nm OCSP_cert_to_id ,
-.Nm OCSP_cert_id_new ,
-.Nm OCSP_id_issuer_cmp ,
-.Nm OCSP_id_cmp ,
-.Nm OCSP_id_get0_info
-.Nd OCSP certificate ID utility functions
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_CERTID *
-.Fn OCSP_CERTID_new void
-.Ft void
-.Fn OCSP_CERTID_free "OCSP_CERTID *id"
-.Ft OCSP_CERTID *
-.Fo OCSP_cert_to_id
-.Fa "const EVP_MD *dgst"
-.Fa "const X509 *subject"
-.Fa "const X509 *issuer"
-.Fc
-.Ft OCSP_CERTID *
-.Fo OCSP_cert_id_new
-.Fa "const EVP_MD *dgst"
-.Fa "const X509_NAME *issuerName"
-.Fa "const ASN1_BIT_STRING *issuerKey"
-.Fa "const ASN1_INTEGER *serialNumber"
-.Fc
-.Ft int
-.Fo OCSP_id_issuer_cmp
-.Fa "OCSP_CERTID *a"
-.Fa "OCSP_CERTID *b"
-.Fc
-.Ft int
-.Fo OCSP_id_cmp
-.Fa "OCSP_CERTID *a"
-.Fa "OCSP_CERTID *b"
-.Fc
-.Ft int
-.Fo OCSP_id_get0_info
-.Fa "ASN1_OCTET_STRING **piNameHash"
-.Fa "ASN1_OBJECT **pmd"
-.Fa "ASN1_OCTET_STRING **pikeyHash"
-.Fa "ASN1_INTEGER **pserial"
-.Fa "OCSP_CERTID *cid"
-.Fc
-.Sh DESCRIPTION
-.Fn OCSP_CERTID_new
-allocates and initializes an empty
-.Vt OCSP_CERTID
-object, representing an ASN.1
-.Vt CertID
-structure defined in RFC 6960.
-It can store hashes of an issuer's distinguished name and public
-key together with a serial number of a certificate.
-It is used by the
-.Vt OCSP_ONEREQ
-object described in
-.Xr OCSP_ONEREQ_new 3
-and by the
-.Vt OCSP_SINGLERESP
-object described in
-.Xr OCSP_SINGLERESP_new 3 .
-.Fn OCSP_CERTID_free
-frees
-.Fa id .
-.Pp
-.Fn OCSP_cert_to_id
-creates and returns a new
-.Vt OCSP_CERTID
-object using message digest
-.Fa dgst
-for certificate
-.Fa subject
-with issuer
-.Fa issuer .
-If
-.Fa dgst
-is
-.Dv NULL
-then SHA1 is used.
-.Pp
-.Fn OCSP_cert_id_new
-creates and returns a new
-.Vt OCSP_CERTID
-using
-.Fa dgst
-and issuer name
-.Fa issuerName ,
-issuer key hash
-.Fa issuerKey
-and serial number
-.Fa serialNumber .
-.Pp
-.Fn OCSP_id_issuer_cmp
-compares the hash algorithms,
-the hashed issuer distinguished names and
-the hashed public keys of
-.Vt OCSP_CERTID
-.Fa a
-and
-.Fa b .
-.Pp
-.Fn OCSP_id_cmp
-compares
-.Vt OCSP_CERTID
-.Fa a
-and
-.Fa b
-using
-.Fn OCSP_id_issuer_cmp
-followed by a comparison of the certificate serial numbers with
-.Xr ASN1_INTEGER_cmp 3 .
-.Pp
-.Fn OCSP_id_get0_info
-returns the issuer name hash, hash OID, issuer key hash and serial
-number contained in
-.Fa cid .
-If any of the values are not required, the corresponding parameter can be
-set to
-.Dv NULL .
-The values returned by
-.Fn OCSP_id_get0_info
-are internal pointers and must not be freed up by an application:
-they will be freed when the corresponding
-.Vt OCSP_CERTID
-object is freed.
-.Pp
-OCSP clients will typically only use
-.Fn OCSP_cert_to_id
-or
-.Fn OCSP_cert_id_new :
-the other functions are used by responder applications.
-.Sh RETURN VALUES
-.Fn OCSP_CERTID_new ,
-.Fn OCSP_cert_to_id ,
-and
-.Fn OCSP_cert_id_new
-return either a pointer to a valid
-.Vt OCSP_CERTID
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_id_cmp
-and
-.Fn OCSP_id_issuer_cmp
-return 0 for a match or non-zero otherwise.
-.Pp
-.Fn OCSP_id_get0_info
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr ASN1_INTEGER_cmp 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr OCSP_request_add1_nonce 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_resp_find_status 3 ,
-.Xr OCSP_response_status 3 ,
-.Xr OCSP_sendreq_new 3 ,
-.Xr X509_get_issuer_name 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_ocspid_print 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4: Details of the Protocol
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .

diff --git a/src/lib/libcrypto/man/OCSP_cert_to_id.3 b/src/lib/libcrypto/man/OCSP_cert_to_id.3 deleted file mode 100644 index e014a1d262..0000000000 --- a/src/lib/libcrypto/man/OCSP_cert_to_id.3 +++ /dev/null
@@ -1,239 +0,0 @@
1	.\" $OpenBSD: OCSP_cert_to_id.3,v 1.13 2024/08/24 19:31:09 tb Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"
4	.\" This file is a derived work.
5	.\" The changes are covered by the following Copyright and license:
6	.\"
7	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
8	.\"
9	.\" Permission to use, copy, modify, and distribute this software for any
10	.\" purpose with or without fee is hereby granted, provided that the above
11	.\" copyright notice and this permission notice appear in all copies.
12	.\"
13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20	.\"
21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
22	.\" Copyright (c) 2014, 2016 The OpenSSL Project. All rights reserved.
23	.\"
24	.\" Redistribution and use in source and binary forms, with or without
25	.\" modification, are permitted provided that the following conditions
26	.\" are met:
27	.\"
28	.\" 1. Redistributions of source code must retain the above copyright
29	.\" notice, this list of conditions and the following disclaimer.
30	.\"
31	.\" 2. Redistributions in binary form must reproduce the above copyright
32	.\" notice, this list of conditions and the following disclaimer in
33	.\" the documentation and/or other materials provided with the
34	.\" distribution.
35	.\"
36	.\" 3. All advertising materials mentioning features or use of this
37	.\" software must display the following acknowledgment:
38	.\" "This product includes software developed by the OpenSSL Project
39	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
40	.\"
41	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
42	.\" endorse or promote products derived from this software without
43	.\" prior written permission. For written permission, please contact
44	.\" openssl-core@openssl.org.
45	.\"
46	.\" 5. Products derived from this software may not be called "OpenSSL"
47	.\" nor may "OpenSSL" appear in their names without prior written
48	.\" permission of the OpenSSL Project.
49	.\"
50	.\" 6. Redistributions of any form whatsoever must retain the following
51	.\" acknowledgment:
52	.\" "This product includes software developed by the OpenSSL Project
53	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
54	.\"
55	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
56	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
57	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
58	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
59	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
60	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
61	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
62	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
63	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
64	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
67	.\"
68	.Dd $Mdocdate: August 24 2024 $
69	.Dt OCSP_CERT_TO_ID 3
70	.Os
71	.Sh NAME
72	.Nm OCSP_CERTID_new ,
73	.Nm OCSP_CERTID_free ,
74	.Nm OCSP_cert_to_id ,
75	.Nm OCSP_cert_id_new ,
76	.Nm OCSP_id_issuer_cmp ,
77	.Nm OCSP_id_cmp ,
78	.Nm OCSP_id_get0_info
79	.Nd OCSP certificate ID utility functions
80	.Sh SYNOPSIS
81	.In openssl/ocsp.h
82	.Ft OCSP_CERTID *
83	.Fn OCSP_CERTID_new void
84	.Ft void
85	.Fn OCSP_CERTID_free "OCSP_CERTID *id"
86	.Ft OCSP_CERTID *
87	.Fo OCSP_cert_to_id
88	.Fa "const EVP_MD *dgst"
89	.Fa "const X509 *subject"
90	.Fa "const X509 *issuer"
91	.Fc
92	.Ft OCSP_CERTID *
93	.Fo OCSP_cert_id_new
94	.Fa "const EVP_MD *dgst"
95	.Fa "const X509_NAME *issuerName"
96	.Fa "const ASN1_BIT_STRING *issuerKey"
97	.Fa "const ASN1_INTEGER *serialNumber"
98	.Fc
99	.Ft int
100	.Fo OCSP_id_issuer_cmp
101	.Fa "OCSP_CERTID *a"
102	.Fa "OCSP_CERTID *b"
103	.Fc
104	.Ft int
105	.Fo OCSP_id_cmp
106	.Fa "OCSP_CERTID *a"
107	.Fa "OCSP_CERTID *b"
108	.Fc
109	.Ft int
110	.Fo OCSP_id_get0_info
111	.Fa "ASN1_OCTET_STRING **piNameHash"
112	.Fa "ASN1_OBJECT **pmd"
113	.Fa "ASN1_OCTET_STRING **pikeyHash"
114	.Fa "ASN1_INTEGER **pserial"
115	.Fa "OCSP_CERTID *cid"
116	.Fc
117	.Sh DESCRIPTION
118	.Fn OCSP_CERTID_new
119	allocates and initializes an empty
120	.Vt OCSP_CERTID
121	object, representing an ASN.1
122	.Vt CertID
123	structure defined in RFC 6960.
124	It can store hashes of an issuer's distinguished name and public
125	key together with a serial number of a certificate.
126	It is used by the
127	.Vt OCSP_ONEREQ
128	object described in
129	.Xr OCSP_ONEREQ_new 3
130	and by the
131	.Vt OCSP_SINGLERESP
132	object described in
133	.Xr OCSP_SINGLERESP_new 3 .
134	.Fn OCSP_CERTID_free
135	frees
136	.Fa id .
137	.Pp
138	.Fn OCSP_cert_to_id
139	creates and returns a new
140	.Vt OCSP_CERTID
141	object using message digest
142	.Fa dgst
143	for certificate
144	.Fa subject
145	with issuer
146	.Fa issuer .
147	If
148	.Fa dgst
149	is
150	.Dv NULL
151	then SHA1 is used.
152	.Pp
153	.Fn OCSP_cert_id_new
154	creates and returns a new
155	.Vt OCSP_CERTID
156	using
157	.Fa dgst
158	and issuer name
159	.Fa issuerName ,
160	issuer key hash
161	.Fa issuerKey
162	and serial number
163	.Fa serialNumber .
164	.Pp
165	.Fn OCSP_id_issuer_cmp
166	compares the hash algorithms,
167	the hashed issuer distinguished names and
168	the hashed public keys of
169	.Vt OCSP_CERTID
170	.Fa a
171	and
172	.Fa b .
173	.Pp
174	.Fn OCSP_id_cmp
175	compares
176	.Vt OCSP_CERTID
177	.Fa a
178	and
179	.Fa b
180	using
181	.Fn OCSP_id_issuer_cmp
182	followed by a comparison of the certificate serial numbers with
183	.Xr ASN1_INTEGER_cmp 3 .
184	.Pp
185	.Fn OCSP_id_get0_info
186	returns the issuer name hash, hash OID, issuer key hash and serial
187	number contained in
188	.Fa cid .
189	If any of the values are not required, the corresponding parameter can be
190	set to
191	.Dv NULL .
192	The values returned by
193	.Fn OCSP_id_get0_info
194	are internal pointers and must not be freed up by an application:
195	they will be freed when the corresponding
196	.Vt OCSP_CERTID
197	object is freed.
198	.Pp
199	OCSP clients will typically only use
200	.Fn OCSP_cert_to_id
201	or
202	.Fn OCSP_cert_id_new :
203	the other functions are used by responder applications.
204	.Sh RETURN VALUES
205	.Fn OCSP_CERTID_new ,
206	.Fn OCSP_cert_to_id ,
207	and
208	.Fn OCSP_cert_id_new
209	return either a pointer to a valid
210	.Vt OCSP_CERTID
211	object or
212	.Dv NULL
213	if an error occurred.
214	.Pp
215	.Fn OCSP_id_cmp
216	and
217	.Fn OCSP_id_issuer_cmp
218	return 0 for a match or non-zero otherwise.
219	.Pp
220	.Fn OCSP_id_get0_info
221	returns 1 for success or 0 for failure.
222	.Sh SEE ALSO
223	.Xr ASN1_INTEGER_cmp 3 ,
224	.Xr EVP_DigestInit 3 ,
225	.Xr OCSP_request_add1_nonce 3 ,
226	.Xr OCSP_REQUEST_new 3 ,
227	.Xr OCSP_resp_find_status 3 ,
228	.Xr OCSP_response_status 3 ,
229	.Xr OCSP_sendreq_new 3 ,
230	.Xr X509_get_issuer_name 3 ,
231	.Xr X509_NAME_new 3 ,
232	.Xr X509_ocspid_print 3
233	.Sh STANDARDS
234	RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
235	Status Protocol, section 4: Details of the Protocol
236	.Sh HISTORY
237	These functions first appeared in OpenSSL 0.9.7
238	and have been available since
239	.Ox 3.2 .