1 files changed, 0 insertions, 308 deletions
diff --git a/src/lib/libcrypto/man/OCSP_response_status.3 b/src/lib/libcrypto/man/OCSP_response_status.3
deleted file mode 100644
index 4e85384fb0..0000000000
--- a/src/lib/libcrypto/man/OCSP_response_status.3
+++ /dev/null
@@ -1,308 +0,0 @@
-.\" $OpenBSD: OCSP_response_status.3,v 1.8 2019/08/27 09:40:29 schwarze Exp $
-.\" full merge up to: OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
-.\" selective merge up to: OpenSSL 6738bf14 Feb 13 12:51:29 2018 +0000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016, 2019 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
-.\" Copyright (c) 2014, 2016, 2018 The OpenSSL Project.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 27 2019 $
-.Dt OCSP_RESPONSE_STATUS 3
-.Os
-.Sh NAME
-.Nm OCSP_RESPONSE_new ,
-.Nm OCSP_RESPONSE_free ,
-.Nm OCSP_RESPBYTES_new ,
-.Nm OCSP_RESPBYTES_free ,
-.Nm OCSP_BASICRESP_new ,
-.Nm OCSP_BASICRESP_free ,
-.Nm OCSP_RESPDATA_new ,
-.Nm OCSP_RESPDATA_free ,
-.Nm OCSP_RESPID_new ,
-.Nm OCSP_RESPID_free ,
-.Nm OCSP_response_create ,
-.Nm OCSP_response_status ,
-.Nm OCSP_response_status_str ,
-.Nm OCSP_response_get1_basic ,
-.Nm OCSP_basic_sign
-.Nd OCSP response functions
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_RESPONSE *
-.Fn OCSP_RESPONSE_new void
-.Ft void
-.Fn OCSP_RESPONSE_free "OCSP_RESPONSE *resp"
-.Ft OCSP_RESPBYTES *
-.Fn OCSP_RESPBYTES_new void
-.Ft void
-.Fn OCSP_RESPBYTES_free "OCSP_RESPBYTES *respbytes"
-.Ft OCSP_BASICRESP *
-.Fn OCSP_BASICRESP_new void
-.Ft void
-.Fn OCSP_BASICRESP_free "OCSP_BASICRESP *bs"
-.Ft OCSP_RESPDATA *
-.Fn OCSP_RESPDATA_new void
-.Ft void
-.Fn OCSP_RESPDATA_free "OCSP_RESPDATA *respdata"
-.Ft OCSP_RESPID *
-.Fn OCSP_RESPID_new void
-.Ft void
-.Fn OCSP_RESPID_free "OCSP_RESPID *respid"
-.Ft OCSP_RESPONSE *
-.Fo OCSP_response_create
-.Fa "int status"
-.Fa "OCSP_BASICRESP *bs"
-.Fc
-.Ft int
-.Fo OCSP_response_status
-.Fa "OCSP_RESPONSE *resp"
-.Fc
-.Ft const char *
-.Fo OCSP_response_status_str
-.Fa "long code"
-.Fc
-.Ft OCSP_BASICRESP *
-.Fo OCSP_response_get1_basic
-.Fa "OCSP_RESPONSE *resp"
-.Fc
-.Ft int
-.Fo OCSP_basic_sign
-.Fa "OCSP_BASICRESP *bs"
-.Fa "X509 *signer"
-.Fa "EVP_PKEY *key"
-.Fa "const EVP_MD *dgst"
-.Fa "STACK_OF(X509) *certs"
-.Fa "unsigned long flags"
-.Fc
-.Sh DESCRIPTION
-.Fn OCSP_RESPONSE_new
-allocates and initializes an empty
-.Vt OCSP_RESPONSE
-object, representing an ASN.1
-.Vt OCSPResponse
-structure defined in RFC 6960.
-.Fn OCSP_RESPONSE_free
-frees
-.Fa resp .
-.Pp
-.Fn OCSP_RESPBYTES_new
-allocates and initializes an empty
-.Vt OCSP_RESPBYTES
-object, representing an ASN.1
-.Vt ResponseBytes
-structure defined in RFC 6960.
-Such an object is used inside
-.Vt OCSP_RESPONSE .
-.Fn OCSP_RESPBYTES_free
-frees
-.Fa respbytes .
-.Pp
-.Fn OCSP_BASICRESP_new
-allocates and initializes an empty
-.Vt OCSP_BASICRESP
-object, representing an ASN.1
-.Vt BasicOCSPResponse
-structure defined in RFC 6960.
-.Vt OCSP_RESPBYTES
-contains the DER-encoded form of an
-.Vt OCSP_BASICRESP
-object.
-.Fn OCSP_BASICRESP_free
-frees
-.Fa bs .
-.Pp
-.Fn OCSP_RESPDATA_new
-allocates and initializes an empty
-.Vt OCSP_RESPDATA
-object, representing an ASN.1
-.Vt ResponseData
-structure defined in RFC 6960.
-Such an object is used inside
-.Vt OCSP_BASICRESP .
-.Fn OCSP_RESPDATA_free
-frees
-.Fa respdata .
-.Pp
-.Fn OCSP_RESPID_new
-allocates and initializes an empty
-.Vt OCSP_RESPID
-object, representing an ASN.1
-.Vt ResponderID
-structure defined in RFC 6960.
-Such an object is used inside
-.Vt OCSP_RESPDATA .
-.Fn OCSP_RESPID_free
-frees
-.Fa respid .
-.Pp
-.Fn OCSP_response_create
-creates an
-.Vt OCSP_RESPONSE
-object for
-.Fa status
-and optionally including the basic response
-.Fa bs .
-.Pp
-.Fn OCSP_response_status
-returns the OCSP response status of
-.Fa resp .
-It returns one of the values
-.Dv OCSP_RESPONSE_STATUS_SUCCESSFUL ,
-.Dv OCSP_RESPONSE_STATUS_MALFORMEDREQUEST ,
-.Dv OCSP_RESPONSE_STATUS_INTERNALERROR ,
-.Dv OCSP_RESPONSE_STATUS_TRYLATER ,
-.Dv OCSP_RESPONSE_STATUS_SIGREQUIRED ,
-or
-.Dv OCSP_RESPONSE_STATUS_UNAUTHORIZED .
-.Pp
-.Fn OCSP_response_status_str
-converts one of the
-.Fa status
-codes returned by
-.Fn OCSP_response_status
-to a string consisting of one word.
-.Pp
-.Fn OCSP_response_get1_basic
-decodes and returns the
-.Vt OCSP_BASICRESP
-object contained in
-.Fa resp .
-It is only called if the status of a response is
-.Dv OCSP_RESPONSE_STATUS_SUCCESSFUL .
-.Pp
-.Fn OCSP_basic_sign
-signs the OCSP response
-.Fa bs
-using the certificate
-.Fa signer ,
-the private key
-.Fa key ,
-the digest
-.Fa dgst ,
-and the additional certificates
-.Fa certs .
-If the
-.Fa flags
-option
-.Dv OCSP_NOCERTS
-is set, then no certificates will be included in the request.
-If the
-.Fa flags
-option
-.Dv OCSP_RESPID_KEY
-is set, then the responder is identified by key ID
-rather than by name.
-.Sh RETURN VALUES
-.Fn OCSP_RESPONSE_new
-and
-.Fn OCSP_response_create
-return a pointer to an
-.Vt OCSP_RESPONSE
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_BASICRESP_new
-and
-.Fn OCSP_response_get1_basic
-return a pointer to an
-.Vt OCSP_BASICRESP
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_RESPBYTES_new ,
-.Fn OCSP_RESPDATA_new ,
-and
-.Fn OCSP_RESPID_new
-return a pointer to an empty
-.Vt OCSP_RESPBYTES ,
-.Vt OCSP_RESPDATA ,
-or
-.Vt OCSP_RESPID
-object, respectively, or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_response_status
-returns a status value.
-.Pp
-.Fn OCSP_response_status_str
-returns a pointer to a static string.
-.Pp
-.Fn OCSP_basic_sign
-return 1 on success or 0 on failure.
-.Sh SEE ALSO
-.Xr EVP_DigestInit 3 ,
-.Xr OCSP_cert_to_id 3 ,
-.Xr OCSP_request_add1_nonce 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_resp_find_status 3 ,
-.Xr OCSP_sendreq_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.2: Response Syntax
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .

diff --git a/src/lib/libcrypto/man/OCSP_response_status.3 b/src/lib/libcrypto/man/OCSP_response_status.3 deleted file mode 100644 index 4e85384fb0..0000000000 --- a/src/lib/libcrypto/man/OCSP_response_status.3 +++ /dev/null
@@ -1,308 +0,0 @@
1	.\" $OpenBSD: OCSP_response_status.3,v 1.8 2019/08/27 09:40:29 schwarze Exp $
2	.\" full merge up to: OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
3	.\" selective merge up to: OpenSSL 6738bf14 Feb 13 12:51:29 2018 +0000
4	.\"
5	.\" This file is a derived work.
6	.\" The changes are covered by the following Copyright and license:
7	.\"
8	.\" Copyright (c) 2016, 2019 Ingo Schwarze <schwarze@openbsd.org>
9	.\"
10	.\" Permission to use, copy, modify, and distribute this software for any
11	.\" purpose with or without fee is hereby granted, provided that the above
12	.\" copyright notice and this permission notice appear in all copies.
13	.\"
14	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
15	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
17	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
18	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21	.\"
22	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
23	.\" Copyright (c) 2014, 2016, 2018 The OpenSSL Project. All rights reserved.
24	.\"
25	.\" Redistribution and use in source and binary forms, with or without
26	.\" modification, are permitted provided that the following conditions
27	.\" are met:
28	.\"
29	.\" 1. Redistributions of source code must retain the above copyright
30	.\" notice, this list of conditions and the following disclaimer.
31	.\"
32	.\" 2. Redistributions in binary form must reproduce the above copyright
33	.\" notice, this list of conditions and the following disclaimer in
34	.\" the documentation and/or other materials provided with the
35	.\" distribution.
36	.\"
37	.\" 3. All advertising materials mentioning features or use of this
38	.\" software must display the following acknowledgment:
39	.\" "This product includes software developed by the OpenSSL Project
40	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
41	.\"
42	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
43	.\" endorse or promote products derived from this software without
44	.\" prior written permission. For written permission, please contact
45	.\" openssl-core@openssl.org.
46	.\"
47	.\" 5. Products derived from this software may not be called "OpenSSL"
48	.\" nor may "OpenSSL" appear in their names without prior written
49	.\" permission of the OpenSSL Project.
50	.\"
51	.\" 6. Redistributions of any form whatsoever must retain the following
52	.\" acknowledgment:
53	.\" "This product includes software developed by the OpenSSL Project
54	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
55	.\"
56	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
57	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
58	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
59	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
60	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
61	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
62	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
63	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
64	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
65	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68	.\"
69	.Dd $Mdocdate: August 27 2019 $
70	.Dt OCSP_RESPONSE_STATUS 3
71	.Os
72	.Sh NAME
73	.Nm OCSP_RESPONSE_new ,
74	.Nm OCSP_RESPONSE_free ,
75	.Nm OCSP_RESPBYTES_new ,
76	.Nm OCSP_RESPBYTES_free ,
77	.Nm OCSP_BASICRESP_new ,
78	.Nm OCSP_BASICRESP_free ,
79	.Nm OCSP_RESPDATA_new ,
80	.Nm OCSP_RESPDATA_free ,
81	.Nm OCSP_RESPID_new ,
82	.Nm OCSP_RESPID_free ,
83	.Nm OCSP_response_create ,
84	.Nm OCSP_response_status ,
85	.Nm OCSP_response_status_str ,
86	.Nm OCSP_response_get1_basic ,
87	.Nm OCSP_basic_sign
88	.Nd OCSP response functions
89	.Sh SYNOPSIS
90	.In openssl/ocsp.h
91	.Ft OCSP_RESPONSE *
92	.Fn OCSP_RESPONSE_new void
93	.Ft void
94	.Fn OCSP_RESPONSE_free "OCSP_RESPONSE *resp"
95	.Ft OCSP_RESPBYTES *
96	.Fn OCSP_RESPBYTES_new void
97	.Ft void
98	.Fn OCSP_RESPBYTES_free "OCSP_RESPBYTES *respbytes"
99	.Ft OCSP_BASICRESP *
100	.Fn OCSP_BASICRESP_new void
101	.Ft void
102	.Fn OCSP_BASICRESP_free "OCSP_BASICRESP *bs"
103	.Ft OCSP_RESPDATA *
104	.Fn OCSP_RESPDATA_new void
105	.Ft void
106	.Fn OCSP_RESPDATA_free "OCSP_RESPDATA *respdata"
107	.Ft OCSP_RESPID *
108	.Fn OCSP_RESPID_new void
109	.Ft void
110	.Fn OCSP_RESPID_free "OCSP_RESPID *respid"
111	.Ft OCSP_RESPONSE *
112	.Fo OCSP_response_create
113	.Fa "int status"
114	.Fa "OCSP_BASICRESP *bs"
115	.Fc
116	.Ft int
117	.Fo OCSP_response_status
118	.Fa "OCSP_RESPONSE *resp"
119	.Fc
120	.Ft const char *
121	.Fo OCSP_response_status_str
122	.Fa "long code"
123	.Fc
124	.Ft OCSP_BASICRESP *
125	.Fo OCSP_response_get1_basic
126	.Fa "OCSP_RESPONSE *resp"
127	.Fc
128	.Ft int
129	.Fo OCSP_basic_sign
130	.Fa "OCSP_BASICRESP *bs"
131	.Fa "X509 *signer"
132	.Fa "EVP_PKEY *key"
133	.Fa "const EVP_MD *dgst"
134	.Fa "STACK_OF(X509) *certs"
135	.Fa "unsigned long flags"
136	.Fc
137	.Sh DESCRIPTION
138	.Fn OCSP_RESPONSE_new
139	allocates and initializes an empty
140	.Vt OCSP_RESPONSE
141	object, representing an ASN.1
142	.Vt OCSPResponse
143	structure defined in RFC 6960.
144	.Fn OCSP_RESPONSE_free
145	frees
146	.Fa resp .
147	.Pp
148	.Fn OCSP_RESPBYTES_new
149	allocates and initializes an empty
150	.Vt OCSP_RESPBYTES
151	object, representing an ASN.1
152	.Vt ResponseBytes
153	structure defined in RFC 6960.
154	Such an object is used inside
155	.Vt OCSP_RESPONSE .
156	.Fn OCSP_RESPBYTES_free
157	frees
158	.Fa respbytes .
159	.Pp
160	.Fn OCSP_BASICRESP_new
161	allocates and initializes an empty
162	.Vt OCSP_BASICRESP
163	object, representing an ASN.1
164	.Vt BasicOCSPResponse
165	structure defined in RFC 6960.
166	.Vt OCSP_RESPBYTES
167	contains the DER-encoded form of an
168	.Vt OCSP_BASICRESP
169	object.
170	.Fn OCSP_BASICRESP_free
171	frees
172	.Fa bs .
173	.Pp
174	.Fn OCSP_RESPDATA_new
175	allocates and initializes an empty
176	.Vt OCSP_RESPDATA
177	object, representing an ASN.1
178	.Vt ResponseData
179	structure defined in RFC 6960.
180	Such an object is used inside
181	.Vt OCSP_BASICRESP .
182	.Fn OCSP_RESPDATA_free
183	frees
184	.Fa respdata .
185	.Pp
186	.Fn OCSP_RESPID_new
187	allocates and initializes an empty
188	.Vt OCSP_RESPID
189	object, representing an ASN.1
190	.Vt ResponderID
191	structure defined in RFC 6960.
192	Such an object is used inside
193	.Vt OCSP_RESPDATA .
194	.Fn OCSP_RESPID_free
195	frees
196	.Fa respid .
197	.Pp
198	.Fn OCSP_response_create
199	creates an
200	.Vt OCSP_RESPONSE
201	object for
202	.Fa status
203	and optionally including the basic response
204	.Fa bs .
205	.Pp
206	.Fn OCSP_response_status
207	returns the OCSP response status of
208	.Fa resp .
209	It returns one of the values
210	.Dv OCSP_RESPONSE_STATUS_SUCCESSFUL ,
211	.Dv OCSP_RESPONSE_STATUS_MALFORMEDREQUEST ,
212	.Dv OCSP_RESPONSE_STATUS_INTERNALERROR ,
213	.Dv OCSP_RESPONSE_STATUS_TRYLATER ,
214	.Dv OCSP_RESPONSE_STATUS_SIGREQUIRED ,
215	or
216	.Dv OCSP_RESPONSE_STATUS_UNAUTHORIZED .
217	.Pp
218	.Fn OCSP_response_status_str
219	converts one of the
220	.Fa status
221	codes returned by
222	.Fn OCSP_response_status
223	to a string consisting of one word.
224	.Pp
225	.Fn OCSP_response_get1_basic
226	decodes and returns the
227	.Vt OCSP_BASICRESP
228	object contained in
229	.Fa resp .
230	It is only called if the status of a response is
231	.Dv OCSP_RESPONSE_STATUS_SUCCESSFUL .
232	.Pp
233	.Fn OCSP_basic_sign
234	signs the OCSP response
235	.Fa bs
236	using the certificate
237	.Fa signer ,
238	the private key
239	.Fa key ,
240	the digest
241	.Fa dgst ,
242	and the additional certificates
243	.Fa certs .
244	If the
245	.Fa flags
246	option
247	.Dv OCSP_NOCERTS
248	is set, then no certificates will be included in the request.
249	If the
250	.Fa flags
251	option
252	.Dv OCSP_RESPID_KEY
253	is set, then the responder is identified by key ID
254	rather than by name.
255	.Sh RETURN VALUES
256	.Fn OCSP_RESPONSE_new
257	and
258	.Fn OCSP_response_create
259	return a pointer to an
260	.Vt OCSP_RESPONSE
261	object or
262	.Dv NULL
263	if an error occurred.
264	.Pp
265	.Fn OCSP_BASICRESP_new
266	and
267	.Fn OCSP_response_get1_basic
268	return a pointer to an
269	.Vt OCSP_BASICRESP
270	object or
271	.Dv NULL
272	if an error occurred.
273	.Pp
274	.Fn OCSP_RESPBYTES_new ,
275	.Fn OCSP_RESPDATA_new ,
276	and
277	.Fn OCSP_RESPID_new
278	return a pointer to an empty
279	.Vt OCSP_RESPBYTES ,
280	.Vt OCSP_RESPDATA ,
281	or
282	.Vt OCSP_RESPID
283	object, respectively, or
284	.Dv NULL
285	if an error occurred.
286	.Pp
287	.Fn OCSP_response_status
288	returns a status value.
289	.Pp
290	.Fn OCSP_response_status_str
291	returns a pointer to a static string.
292	.Pp
293	.Fn OCSP_basic_sign
294	return 1 on success or 0 on failure.
295	.Sh SEE ALSO
296	.Xr EVP_DigestInit 3 ,
297	.Xr OCSP_cert_to_id 3 ,
298	.Xr OCSP_request_add1_nonce 3 ,
299	.Xr OCSP_REQUEST_new 3 ,
300	.Xr OCSP_resp_find_status 3 ,
301	.Xr OCSP_sendreq_new 3
302	.Sh STANDARDS
303	RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
304	Status Protocol, section 4.2: Response Syntax
305	.Sh HISTORY
306	These functions first appeared in OpenSSL 0.9.7
307	and have been available since
308	.Ox 3.2 .