[openssl] master update
kaishen.yy at antfin.com
kaishen.yy at antfin.com
Thu Jan 16 03:29:32 UTC 2020
The branch master has been updated
via 9372ddf1a294d61dcbf507680e4e3d5b094ef71d (commit)
from 9ec7b6ad12529d2ab05b0b18fdabe1b12123f9d5 (commit)
- Log -----------------------------------------------------------------
commit 9372ddf1a294d61dcbf507680e4e3d5b094ef71d
Author: Paul Yang <kaishen.yy at antfin.com>
Date: Tue Sep 10 13:08:29 2019 +0800
Add doc for TS_VERIFY_CTX_set_certs()
This addition is based on PR #9472.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9838)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/TS_VERIFY_CTX_set_certs.pod | 57 ++++++++++++++++++++++++++++++++++++
util/missingcrypto.txt | 1 -
util/missingmacro.txt | 1 -
util/other.syms | 1 +
4 files changed, 58 insertions(+), 2 deletions(-)
create mode 100644 doc/man3/TS_VERIFY_CTX_set_certs.pod
diff --git a/doc/man3/TS_VERIFY_CTX_set_certs.pod b/doc/man3/TS_VERIFY_CTX_set_certs.pod
new file mode 100644
index 0000000000..a7aae4acda
--- /dev/null
+++ b/doc/man3/TS_VERIFY_CTX_set_certs.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+TS_VERIFY_CTX_set_certs, TS_VERIFY_CTS_set_certs
+- set certificates for TS response verification
+
+=head1 SYNOPSIS
+
+ #include <openssl/ts.h>
+
+ STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx,
+ STACK_OF(X509) *certs);
+ STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx,
+ STACK_OF(X509) *certs);
+
+=head1 DESCRIPTION
+
+The Time-Stamp Protocol (TSP) is defined by RFC 3161. TSP is a protocol used to
+provide long term proof of the existence of a certain datum before a particular
+time. TSP defines a Time Stamping Authority (TSA) and an entity who shall make
+requests to the TSA. Usually the TSA is denoted as the server side and the
+requesting entity is denoted as the client.
+
+In TSP, when a server is sending a response to a client, the server normally
+needs to sign the response data - the TimeStampToken (TST) - with its private
+key. Then the client shall verify the received TST by the server's certificate
+chain.
+
+TS_VERIFY_CTX_set_certs() is used to set the server's certificate chain when
+verifying a TST. B<ctx> is the verification context created in advance and
+B<certs> is a stack of B<X509> certificates.
+
+TS_VERIFY_CTS_set_certs() is a misspelled version of TS_VERIFY_CTX_set_certs()
+which takes the same parameters and returns the same result.
+
+=head1 RETURN VALUES
+
+TS_VERIFY_CTX_set_certs() returns the stack of B<X509> certificates the user
+passes in via parameter B<certs>.
+
+=head1 HISTORY
+
+The spelling of TS_VERIFY_CTX_set_certs() was corrected in OpenSSL 3.0.0.
+The misspelled version TS_VERIFY_CTS_set_certs() has been retained for
+compatibility reasons, but it is deprecated in OpenSSL 3.0.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index cf6824d49e..7f1cf49ab3 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -1070,7 +1070,6 @@ TS_TST_INFO_set_serial(3)
TS_TST_INFO_set_time(3)
TS_TST_INFO_set_tsa(3)
TS_TST_INFO_set_version(3)
-TS_VERIFY_CTX_set_certs(3)
TS_VERIFY_CTX_add_flags(3)
TS_VERIFY_CTX_cleanup(3)
TS_VERIFY_CTX_free(3)
diff --git a/util/missingmacro.txt b/util/missingmacro.txt
index 3d825b199d..8738c87d9f 100644
--- a/util/missingmacro.txt
+++ b/util/missingmacro.txt
@@ -175,4 +175,3 @@ X509V3_set_ctx_test(3)
X509V3_set_ctx_nodb(3)
EXT_BITSTRING(3)
EXT_IA5STRING(3)
-TS_VERIFY_CTS_set_certs(3)
diff --git a/util/other.syms b/util/other.syms
index c6b2404f2c..b57af07c7d 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -562,3 +562,4 @@ OSSL_TRACE_CANCEL define
OSSL_TRACE1 define
OSSL_TRACE2 define
OSSL_TRACE9 define
+TS_VERIFY_CTS_set_certs define deprecated 3.0.0
More information about the openssl-commits
mailing list