From e0f1ec3b2ec1b137695abc3199a62def5965351f Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Tue, 25 Apr 2023 19:26:36 +0200 Subject: CMP client: fix checking new cert enrolled with oldcert and without private key Reviewed-by: Tomas Mraz Reviewed-by: Todd Short Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/20832) --- doc/internal/man3/ossl_cmp_pkisi_get_status.pod | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'doc/internal') diff --git a/doc/internal/man3/ossl_cmp_pkisi_get_status.pod b/doc/internal/man3/ossl_cmp_pkisi_get_status.pod index 21f6f90b39..135be39ed6 100644 --- a/doc/internal/man3/ossl_cmp_pkisi_get_status.pod +++ b/doc/internal/man3/ossl_cmp_pkisi_get_status.pod @@ -43,8 +43,8 @@ ossl_cmp_pkisi_check_pkifailureinfo # define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 # define OSSL_CMP_PKIFAILUREINFO_MAX 26 - X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CERTRESPONSE *crep, - const OSSL_CMP_CTX *ctx, EVP_PKEY *pkey); + X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CTX *ctx, + const OSSL_CMP_CERTRESPONSE *crep); int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si); const char *ossl_cmp_PKIStatus_to_string(int status); OSSL_CMP_PKIFREETEXT *ossl_cmp_pkisi_get0_statusString(const OSSL_CMP_PKISI *si); @@ -55,7 +55,7 @@ ossl_cmp_pkisi_check_pkifailureinfo ossl_cmp_certresponse_get1_cert() returns a pointer to a copy of the newly enrolled certificate from the given certResponse I, or NULL on error. -In case of indirect POPO uses data from the I and the private key I. +Uses data from I, which in case of indirect POPO includes the private key. ossl_cmp_pkisi_get_status() returns the PKIStatus of I, or -1 on error. -- cgit v1.2.3