From aa4d426b4d3527d7e166df1a05058c9a4a0f6683 Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>
Date: Fri, 30 Apr 2021 00:33:56 +0200
Subject: initial/final commit

---
 openssl-1.1.0h/doc/crypto/X509_check_ca.pod | 45 +++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 openssl-1.1.0h/doc/crypto/X509_check_ca.pod

(limited to 'openssl-1.1.0h/doc/crypto/X509_check_ca.pod')

diff --git a/openssl-1.1.0h/doc/crypto/X509_check_ca.pod b/openssl-1.1.0h/doc/crypto/X509_check_ca.pod
new file mode 100644
index 0000000..b79efb5
--- /dev/null
+++ b/openssl-1.1.0h/doc/crypto/X509_check_ca.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+X509_check_ca - check if given certificate is CA certificate
+
+=head1 SYNOPSIS
+
+   #include <openssl/x509v3.h>
+
+   int X509_check_ca(X509 *cert);
+
+=head1 DESCRIPTION
+
+This function checks if given certificate is CA certificate (can be used
+to sign other certificates).
+
+=head1 RETURN VALUE
+
+Function return 0, if it is not CA certificate, 1 if it is proper X509v3
+CA certificate with B<basicConstraints> extension CA:TRUE,
+3, if it is self-signed X509 v1 certificate, 4, if it is certificate with
+B<keyUsage> extension with bit B<keyCertSign> set, but without
+B<basicConstraints>, and 5 if it has outdated Netscape Certificate Type
+extension telling that it is CA certificate.
+
+Actually, any non-zero value means that this certificate could have been
+used to sign other certificates.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)>,
+L<X509_check_issued(3)>,
+L<X509_check_purpose(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
-- 
cgit v1.2.3