1.\" $OpenBSD: X509_NAME_hash.3,v 1.3 2021/07/31 14:54:33 schwarze Exp $ 2.\" 3.\" Copyright (c) 2017, 2021 Ingo Schwarze <schwarze@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: July 31 2021 $ 18.Dt X509_NAME_HASH 3 19.Os 20.Sh NAME 21.Nm X509_NAME_hash , 22.Nm X509_issuer_name_hash , 23.Nm X509_subject_name_hash , 24.\" X509_issuer_and_serial_hash() is intentionally undocumented 25.\" because it uses MD5 only and is unused in real-world code. 26.Nm X509_NAME_hash_old , 27.Nm X509_issuer_name_hash_old , 28.Nm X509_subject_name_hash_old 29.\" In the following line, "X.501" and "Name" are not typos. 30.\" The "Name" type is defined in X.501, not in X.509. 31.\" The type is called "Name" with capital "N", not "name". 32.Nd calculate SHA-1 or MD5 hashes of X.501 Name objects 33.Sh SYNOPSIS 34.In openssl/x509.h 35.Ft unsigned long 36.Fn X509_NAME_hash "X509_NAME *name" 37.Ft unsigned long 38.Fn X509_issuer_name_hash "X509 *x" 39.Ft unsigned long 40.Fn X509_subject_name_hash "X509 *x" 41.Ft unsigned long 42.Fn X509_NAME_hash_old "X509_NAME *name" 43.Ft unsigned long 44.Fn X509_issuer_name_hash_old "X509 *x" 45.Ft unsigned long 46.Fn X509_subject_name_hash_old "X509 *x" 47.Sh DESCRIPTION 48.Fn X509_NAME_hash 49calculates an 50.Xr SHA1 3 51hash of the DER-encoded form of 52.Fa name . 53It is for example used by 54.Xr X509_LOOKUP_hash_dir 3 55to locate certificate files in the file system. 56.Pp 57.Fn X509_issuer_name_hash 58and 59.Fn X509_subject_name_hash 60are wrappers to calculate this hash of the issuer or subject name of 61.Fa x , 62respectively. 63.Pp 64.Fn X509_NAME_hash_old , 65.Fn X509_issuer_name_hash_old , 66and 67.Fn X509_subject_name_hash_old 68are variants that use MD5 instead of SHA-1. 69.Sh RETURN VALUES 70These functions return the hash value or 0 if an error occurs. 71.Sh SEE ALSO 72.Xr i2d_X509_NAME 3 , 73.Xr X509_get_subject_name 3 , 74.Xr X509_LOOKUP_new 3 , 75.Xr X509_NAME_digest 3 , 76.Xr X509_NAME_new 3 77.Sh HISTORY 78.Fn X509_subject_name_hash 79first appeared in SSLeay 0.4.0, 80.Fn X509_issuer_name_hash 81in SSLeay 0.5.1, and 82.Fn X509_NAME_hash 83in SSLeay 0.8.0. 84They were switched to hashing the DER representation of the name 85rather than an ASCII rendering in SSLeay 0.9.0 and have all been 86available since 87.Ox 2.4 . 88.Pp 89They were switched to using SHA1 instead of MD5 in OpenSSL 1.0.0 and in 90.Ox 4.9 . 91.Pp 92.Fn X509_NAME_hash_old , 93.Fn X509_issuer_name_hash_old , 94and 95.Fn X509_subject_name_hash_old 96first appeared in OpenSSL 1.0.0 and have been available since 97.Ox 4.9 . 98