From fc6e9613198740a5a8d30c697bdae2d6a46f8eb2 Mon Sep 17 00:00:00 2001 From: schwarze <> Date: Sat, 25 Mar 2017 22:21:21 +0000 Subject: document X509_Digest(3) and friends; from Rich Salz , OpenSSL commit 3e5d9da5 etc. --- src/lib/libcrypto/man/Makefile | 3 +- src/lib/libcrypto/man/X509_digest.3 | 133 ++++++++++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 src/lib/libcrypto/man/X509_digest.3 (limited to 'src/lib/libcrypto/man') diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index ba04657232..20d04f2484 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.117 2017/03/25 19:12:59 schwarze Exp $ +# $OpenBSD: Makefile,v 1.118 2017/03/25 22:21:21 schwarze Exp $ .include @@ -223,6 +223,7 @@ MAN= \ X509_check_host.3 \ X509_check_issued.3 \ X509_cmp_time.3 \ + X509_digest.3 \ X509_get_pubkey.3 \ X509_get_serialNumber.3 \ X509_get_subject_name.3 \ diff --git a/src/lib/libcrypto/man/X509_digest.3 b/src/lib/libcrypto/man/X509_digest.3 new file mode 100644 index 0000000000..eae69ea770 --- /dev/null +++ b/src/lib/libcrypto/man/X509_digest.3 @@ -0,0 +1,133 @@ +.\" $OpenBSD: X509_digest.3,v 1.1 2017/03/25 22:21:21 schwarze Exp $ +.\" OpenSSL X509_digest.pod 3ba4dac6 Mar 23 13:04:52 2017 -0400 +.\" +.\" This file was written by Rich Salz +.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in +.\" the documentation and/or other materials provided with the +.\" distribution. +.\" +.\" 3. All advertising materials mentioning features or use of this +.\" software must display the following acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" +.\" +.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +.\" endorse or promote products derived from this software without +.\" prior written permission. For written permission, please contact +.\" openssl-core@openssl.org. +.\" +.\" 5. Products derived from this software may not be called "OpenSSL" +.\" nor may "OpenSSL" appear in their names without prior written +.\" permission of the OpenSSL Project. +.\" +.\" 6. Redistributions of any form whatsoever must retain the following +.\" acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY +.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR +.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +.\" OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd $Mdocdate: March 25 2017 $ +.Dt X509_DIGEST 3 +.Os +.Sh NAME +.Nm X509_digest , +.Nm X509_CRL_digest , +.Nm X509_pubkey_digest , +.Nm X509_NAME_digest , +.Nm X509_REQ_digest , +.Nm PKCS7_ISSUER_AND_SERIAL_digest +.Nd get digests of various objects +.Sh SYNOPSIS +.In openssl/x509.h +.Ft int +.Fo X509_digest +.Fa "const X509 *data" +.Fa "const EVP_MD *type" +.Fa "unsigned char *md" +.Fa "unsigned int *len" +.Fc +.Ft int +.Fo X509_CRL_digest +.Fa "const X509_CRL *data" +.Fa "const EVP_MD *type" +.Fa "unsigned char *md" +.Fa "unsigned int *len" +.Fc +.Ft int +.Fo X509_pubkey_digest +.Fa "const X509 *data" +.Fa "const EVP_MD *type" +.Fa "unsigned char *md" +.Fa "unsigned int *len" +.Fc +.Ft int +.Fo X509_REQ_digest +.Fa "const X509_REQ *data" +.Fa "const EVP_MD *type" +.Fa "unsigned char *md" +.Fa "unsigned int *len" +.Fc +.Ft int +.Fo X509_NAME_digest +.Fa "const X509_NAME *data" +.Fa "const EVP_MD *type" +.Fa "unsigned char *md" +.Fa "unsigned int *len" +.Fc +.In openssl/pkcs7.h +.Ft int +.Fo PKCS7_ISSUER_AND_SERIAL_digest +.Fa "PKCS7_ISSUER_AND_SERIAL *data" +.Fa "const EVP_MD *type" +.Fa "unsigned char *md" +.Fa "unsigned int *len" +.Fc +.Sh DESCRIPTION +.Fn X509_pubkey_digest +returns a digest of the DER representation of the public key contained in +.Fa data . +All other functions described here return a digest of the DER +representation of their entire +.Fa data +object. +.Pp +The +.Fa type +parameter specifies the digest to be used, such as +.Xr EVP_sha1 3 . +.Fa md +is a pointer to the buffer where the digest will be copied and is +assumed to be large enough; a size of at least +.Dv EVP_MAX_MD_SIZE +bytes is suggested. +The +.Fa len +parameter, if not +.Dv NULL , +points to a place where the digest size will be stored. +.Sh RETURN VALUES +These functions return 1 for success or 0 for failure. +.Sh SEE ALSO +.Xr EVP_get_digestbyname 3 -- cgit v1.2.3-55-g6feb