Command: X509_cmp | Section: 3 | Source: OpenBSD | File: X509_cmp.3
X509_CMP(3) FreeBSD Library Functions Manual X509_CMP(3)
NAME
X509_cmp, X509_NAME_cmp, X509_issuer_and_serial_cmp,
X509_issuer_name_cmp, X509_subject_name_cmp, X509_CRL_cmp, X509_CRL_match
- compare X.509 certificates and related values
SYNOPSIS
#include <openssl/x509.h>
int
X509_cmp(const X509 *a, const X509 *b);
int
X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
int
X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
int
X509_issuer_name_cmp(const X509 *a, const X509 *b);
int
X509_subject_name_cmp(const X509 *a, const X509 *b);
int
X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
int
X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
DESCRIPTION
X509_cmp() compares two X.509 certificates using memcmp(3) on the hashes
of their canonical (DER) representations as generated with
X509_digest(3). The digest function is implementation-specific: LibreSSL
uses SHA-512, other implementations use SHA-1.
X509_NAME_cmp() compares two X.501 Name objects using their canonical
(DER) representations generated with i2d_X509_NAME(3).
X509_issuer_and_serial_cmp() compares the issuer and serialNumber fields
of two TBSCertificate structures, using X509_NAME_cmp() for the issuer
fields.
X509_issuer_name_cmp() compares the issuer fields of two TBSCertificate
structures using X509_NAME_cmp().
X509_subject_name_cmp() compares the subject fields of two TBSCertificate
structures using X509_NAME_cmp().
X509_CRL_cmp() is misnamed; it only compares the issuer fields of two
TBSCertList structures using X509_NAME_cmp().
X509_CRL_match() compares two certificate revocation lists using
memcmp(3) on the hashes of their canonical (DER) representations as
generated with X509_CRL_digest(3). The digest function is
implementation-specific: LibreSSL uses SHA-512, other implementations use
SHA-1.
RETURN VALUES
All these functions return 0 to indicate a match or a non-zero value to
indicate a mismatch.
X509_NAME_cmp(), X509_issuer_and_serial_cmp(), X509_issuer_name_cmp(),
X509_subject_name_cmp() and X509_CRL_cmp() may return -2 to indicate an
error.
SEE ALSO
i2d_X509_NAME(3), X509_CRL_new(3), X509_digest(3), X509_NAME_new(3),
X509_new(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
Certificate Revocation List (CRL) Profile
- section 4.1: Basic Certificate Fields
- section 5.1: CRL Fields
HISTORY
X509_issuer_and_serial_cmp(), X509_issuer_name_cmp(), and
X509_subject_name_cmp() first appeared in SSLeay 0.5.1 and
X509_NAME_cmp() and X509_CRL_cmp() in SSLeay 0.8.0. These functions have
been available since OpenBSD 2.4.
X509_cmp() first appeared in OpenSSL 0.9.5 and has been available since
OpenBSD 2.7.
X509_CRL_match() first appeared in OpenSSL 1.0.0 and has been available
since OpenBSD 4.9.
BUGS
For X509_NAME_cmp(), X509_issuer_and_serial_cmp(),
X509_issuer_name_cmp(), X509_subject_name_cmp() and X509_CRL_cmp(), the
return value -2 sometimes indicates a mismatch and sometimes an error.
FreeBSD 14.1-RELEASE-p8 June 7, 2024 FreeBSD 14.1-RELEASE-p8